Programming Guides › Programming Guide for Perl › CLI Policy Management Methods › Realm Methods › CreateRule Method—Creates and Configures a Rule under the Realm

CreateRule Method—Creates and Configures a Rule under the Realm

The CreateRule method creates and configures a rule under the realm.

Syntax

The CreateRule method has the following format:

Netegrity::PolicyMgtRealm‑>CreateRule( ruleName [, ruleDesc] [, action] [, resource] [, allowAccess] [, regexMatch] [, activeExpr] [, isEnabled] )

Parameters

The CreateRule method accepts the following parameters:

ruleName (string)

Specifies the name of the rule.

ruleDesc (string)

(Optional) Specifies the description of the rule.

action (string)

(Optional) Specifies the type of action that the rule will execute. One of the following actions:

For action type Web Agent actions, use one or more of the following HTTP actions. Use commas to separate multiple actions:

• GET. Retrieves a resource for viewing through HTTP.
• POST. Posts user-supplied information through HTTP.
• PUT. Supports legacy HTTP actions.

For action type Authentication events:

• OnAuthAccept. Occurs when a user successfully authenticates.
• OnAuthAttempt. Occurs when a user fails to authenticate because no user name was supplied.
• OnAuthChallenge. May be used in custom authentication schemes to trigger a response.
• OnAuthReject. Occurs when a user fails to authenticate.
• OnAuthUserNotFound. Used to trigger Active Responses.

For action type Authorization events:

• OnAccessAccept. Occurs when SiteMinder successfully authorizes a user to access the resource.
• OnAccessReject. Occurs when SiteMinder rejects a user because the user is not authorized to access the resource.

  resource (string)

(Optional) Specifies the resource protected by the rule. This value doesn't apply to action type Authentication events.

allowAccess (int)

(Optional) Specifies a flag to allow or deny access to the resource protected by the rule: 1 allows access, or 0 denies access. This flag applies only to action values of type GET, PUT, and/or POST. The default is 1.

regexMatch (int)

(Optional) Specifies a flag to allow regular expression pattern matching in the resource field : 1 allows regular expression matching, and 0 denies regular expression matching. This flag doesn't apply to action type Authentication events. The default is 0.

activeExpr (string)

(Optional) Specifies the active expression associated with the rule.

isEnabled (int)

(Optional) Specifies a flag to enable or disable the rule:1 to enable, or 0 to disable. The default is enabled.

Return Value

The CreateRule method returns one of the following values:

• A PolicyMgtRule object
• undef if the call is unsuccessful